OverTheWire — Natas Level 5
Complete Walkthrough and explanation with images of natas level 5
- after logging in,
- we can see a message
Access disallowed. You are not logged in
- if we view the page source, we don’t get anything useful
- So to solve this level, we should know what cookies are. Cookies are small pieces of data that store information about the user or computer for identification.
- Now, we have to manipulate the cookie in such a way that we are logged in.
- curl is a tool to transfer data from or to a server
curl http://natas5.natas.labs.overthewire.org/ -u natas5 -c natas5_cookie.txt
-u as this requires authentication, we provide a user, when prompted, enter the natas5 level password
c is used to get the cookies on the website, and
natas5_cookie.txt is the filename where the cookies will be stored
- please read the man page for more
- after this, we get a file displaying the cookies
now we have to edit the file and changeloggedin to
loggedin 1 (0 means false and 1 is true)
- now we need to send this edited cookie file,
curl http://natas5.natas.labs.overthewire.org/ -u natas5 -b natas5_cookie.txt"
b is used to mention the cookie file name we modified
- And we get the password!!
- We can also do this by changing the cookie directly from the browser or by using some browser extension for cookie manipulation.